Lucene search
JenkinsCVELIST:CVE-2022-46686HistoryDec 07, 2022 - 12:00 a.m.
CVE-2022-46686
2022-12-0700:00:00
jenkins
www.cve.org
1
jenkins
build properties
xss
Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set or change these values.
CNA Affected
[
{
"product": "Jenkins Custom Build Properties Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "2.79.vc095ccc85094",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
github
github
Jenkins Custom Build Properties Plugin vulnerable to Cross-site Scripting
2022-12-12 09:30:35
cve
cve
CVE-2022-46686
2022-12-12 09:15:13
osv
osv
Jenkins Custom Build Properties Plugin vulnerable to Cross-site Scripting
2022-12-12 09:30:35
prion
prion
Cross site scripting
2022-12-12 09:15:00
nvd
nvd
CVE-2022-46686
2022-12-12 09:15:13
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-12-07)
2023-07-31 00:00:00